Jack T Mudge III wrote:
On Monday 14 January 2008 07:13:01 am Riku Voipio wrote:
It's not only lack of 64bit that makes xview a problem. If security
issues withing xview are found, it is unlikely that they get fixed
in a timely manner.
Sometimes I wish there were a security warning system in dpkg. Say, a user
loads up Synaptic (or Adept, depending), and when they try to install a
dangerous package -- maybe a server that opens ports by default -- they get a
textual warning summarizing the problems, and pointing them to more
information (/usr/share/doc/pkg_name/SECURITY, perhaps?).
It seems to me that removing old packages just because they are old misses an
important point: There are people who use them. Perhaps warning them that the
packages are ancient and may be dangerous to their health is a good thing.
Removing xview or similar small, insignificant (to debian, not to the users
necessarily), and old packages doesn't seem like it'd do much good. It would,
however, annoy the users who DO still use them.
Removing old packages just because they are not maintained, have
(unknown) security issues and are almost not used is just making sure
that people don't install a package that is obsolete. People that are
using the package can continue using it or can decide to start using an
alternative...